Security

Enabling iMIS Security When Validating User Credentials Against Another Database.

Introduction to Problem:

We had a client who moved to another CRM provider but wanted to manage their website’s content with iMIS WCM. The challenges were 1) validating user credentials against the 3rd party CRM when they log in through iMIS, 2) after validation is successful, activate the iMIS website security and 3) add a record in iMIS when the user exists in the 3rd party CRM but not iMIS.

Enabling iMIS Security When Validating User Credentials Against Another Database.

Introduction to Problem:

We had a client who moved to another CRM provider but wanted to manage their website’s content with iMIS WCM. The challenges were 1) validating user credentials against the 3rd party CRM when they log in through iMIS, 2) after validation is successful, activate the iMIS website security and 3) add a record in iMIS when the user exists in the 3rd party CRM but not iMIS.

Custom Membership Provider

I am currently attempting to write a custom membership provider that integrates iMIS with another database to authenticate against. Currently everything is running smoothly except after a successful login I get an iMIS error message stating 

"You do not have permission to view this content."

What am I missing?

How best to use On Behalf Of?

I was pondering how best to support On Behalf Of (OBO) in my iParts in addition to the existing support for Logged In ID and Selected ID, when I realized that ASI may have already solved part of this puzzle.

Are there any guidelines or patterns for how these three entities should be used?  My initial perception is that OBO substitutes partially for Logged In ID, but things can get really fuzzy when you start playing with combinations.

Business Object Security

There are some user-defined tables created and secured to a single member type. Those tables have corresponding 'Cs' Business Objects but they're available to non-authorized users (i.e. people of a different member type) for selection when building and running an IQA report, thus exposing secured data.

How can security be applied to a Business Object? I see some security options available when editing the BO through the Business Object Designer interface (under the Properties tab) but all fields are disabled, even for Manager.

Access keywords for user defined fields in the web view

iMIS 15.1 lets you secure UD tabs with access keywords. Is there a way to do this in the web view as well?

I know McGladrey has a great product in the vwSuite that lets you secure multi-instance tables using roles (not access keywords), but the logic is not available for single-instance tables yet (I couldn't be wrong though).

Thanks,
Annie

Access commerce web components but not the rest of system setup

Hello,

Wasnt able to find anything that helped so I am hoping someone here will be able to point me in the correct direction.  I am trying to accomplish the following:  Allow specific bookstore management staff the ability to utilize the 'Set up Commerce Web Components' area of 'System Setup' so they can manage the online bookstore yet not allow them access to the other areas of the 'System Setup' tab that they should not have.

Robo Help - Has anyone implemented?

Has anyone implemented Robo Help and integrated with eSeries or Public?

If so, do you have any resources that we can use? Are you hosting it on the same site as eSeries or Public or a separate site? 

Back door iMIS login using membership webservice without needing password

They want to be able to log as user in without a user password using our web service.   iMIS does not allow this as far as I know.   The membership web service always requires a password.  Yet if logging in from a third party system you may not know the password for the iMIS side :

Here’s the scenario:

 

 

 

Disaster recovery for using iMIS username/passwords with iMIS down

I have a client that wants users to be able to login using iMIS usernames/password without iMIS being up.   What they would like to do is copy hashed password field from iMIS to current system (for disaster recovery.) I know this is stored in aspnet_membership table.   Thing is without iMIS up you won’t be able to validate users with it unless ASI development shares how our encryption is done as far as I know. Is iMIS using standard Crypto which is part of the .NET framework?  Is there another way to meet this requirement?